package com.cskaoyan.shiro;

import com.cskaoyan.bean.pojo.MallAdmin;
import com.cskaoyan.bean.pojo.MallAdminExample;
import com.cskaoyan.bean.vo.PermissionVO;
import com.cskaoyan.mapper.MallAdminMapper;
import com.cskaoyan.mapper.MallRolePermissionMapper;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.validation.constraints.Size;
import java.util.ArrayList;
import java.util.List;

/**
 * @Author harvey
 * @description: 有关admin的认证和授权域
 * @Date 2021/7/11 15:29
 */
@Component
public class AdminRealm extends AuthorizingRealm {

    @Autowired
    MallAdminMapper mallAdminMapper;

    @Autowired
    MallRolePermissionMapper mallRolePermissionMapper;

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        MallToken token = (MallToken) authenticationToken;
        String username = token.getUsername();
        MallAdminExample mallAdminExample = new MallAdminExample();
        MallAdminExample.Criteria criteria = mallAdminExample.createCriteria();
        criteria.andUsernameEqualTo(username);
        List<MallAdmin> mallAdmins = mallAdminMapper.selectByExample(mallAdminExample);

        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(mallAdmins.get(0), mallAdmins.get(0).getPassword(), this.getName());
        return authenticationInfo;
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        MallAdmin admin = (MallAdmin) principalCollection.getPrimaryPrincipal();
        Integer[] roleIds = admin.getRoleIds();
        List<String> permissionsList = new ArrayList<>();
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        for (Integer roleId : roleIds) {
            if (roleId.equals(1)) {
                permissionsList.add("*");
                break;
            }
            PermissionVO permissionVO = mallRolePermissionMapper.selectRolePermissionVOByRoleId(roleId);
            String[] permissionsArray = permissionVO.getPermissions();
            for (String permission : permissionsArray) {
                if (permission.equals("GET /admin/config/wx")) {
                    permissionsList.add("admin:config:wx:list");
                } else if (permission.equals("POST /admin/config/wx")) {
                    permissionsList.add("admin:config:wx:updateConfigs");
                } else if (permission.equals("GET /admin/config/express")) {
                    permissionsList.add("admin:config:express:list");
                } else if (permission.equals("POST /admin/config/express")) {
                    permissionsList.add("admin:config:express:updateConfigs");
                } else if (permission.equals("GET /admin/config/mall")) {
                    permissionsList.add("admin:config:mall:list");
                } else if (permission.equals("POST /admin/config/mall")) {
                    permissionsList.add("admin:config:mall:updateConfigs");
                } else if (permission.equals("GET /admin/config/order")) {
                    permissionsList.add("admin:config:order:list");
                } else if (permission.equals("POST /admin/config/order")) {
                    permissionsList.add("admin:config:order:updateConfigs");
                } else if (permission.equals("POST /admin/role/permissions")) {
                    permissionsList.add("admin:role:permission:update");
                } else if (permission.equals("GET /admin/role/permissions")) {
                    permissionsList.add("admin:role:permission:get");
                } else if (permission.equals("GET /admin/groupon/listRecord")) {
                    permissionsList.add("admin:groupon:read");
                } else if (permission.equals("GET /admin/order/detail")) {
                    permissionsList.add("admin:order:read");
                } else if (permission.equals("POST /admin/index/write")) {
                    permissionsList.add("index:permission:write");
                } else if (permission.equals("GET /admin/index/read")) {
                    permissionsList.add("index:permission:read");
                } else if (permission.contains("GET /")) {
                    String firstReplace = permission.replace("GET /", "");
                    String secondReplace = firstReplace.replace("/", ":");
                    permissionsList.add(secondReplace);
                } else if (permission.contains("POST /")) {
                    String firstReplace = permission.replace("POST /", "");
                    String secondReplace = firstReplace.replace("/", ":");
                    permissionsList.add(secondReplace);
                }
                permissionsList.add(permission);
            }
        }
        authorizationInfo.addStringPermissions(permissionsList);
        return authorizationInfo;
    }
}
